Studies suggest cyber-security overconfidence in small/medium businesses
In a recent survey by Symantec and the National Cyber Security Alliance (NCSA), most small and medium-sized businesses participating felt they were safe from cyber threats, although just 17% of the 1,015 companies had a formal plan for cyber security. Other contradictory items:
- Although 77% recognized that strong cyber security was important for their brand, 59% had no plan on how to respond to a data breach.
- Only 13% had a written Internet policy, but 62% believed that their employees knew the company’s Internet policy and practices.
Visit Small biz survey: No cybersecurity plans — no worries. What? for the full CNet article by Charles Cooper.
In a separate survey during the fall of 2011, research firm Opinion Matterspolled 200 IT decision makers working in companies of five to 250 employees. Although almost 88% had web-monitoring/filtering software, over 40% of respondents have had a security breach due to unsafe web browsing.
Visit 40% of SMB have had a security breach due to unsafe Web surfingfor the full ConnectIT article by Mark Cox.
Both studies suggest that these businesses are not as secure as they think.